Daily NCSC-FI news followup 2020-02-25

Mobile malware evolution 2019

securelist.com/mobile-malware-evolution-2019/96280/

Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT

www.fireeye.com/blog/threat-research/2020/02/ransomware-against-machine-learning-to-disrupt-industrial-production.html

Firefox enables DNS-over-HTTPS by default (with Cloudflare) for all U.S. users

thehackernews.com/2020/02/firefox-dns-over-https.html

Install Latest Chrome Update to Patch 0-Day Bug Under Active Attacks

thehackernews.com/2020/02/google-chrome-zero-day.html

New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers

thehackernews.com/2020/02/opensmtpd-email-vulnerability.html

Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing

thehackernews.com/2020/02/spear-phishing-cybersecurity.html

Quick look at a couple of current online scam campaigns

isc.sans.edu/diary/rss/25838

Firefox for Mac and Linux to get a new security sandbox system

www.zdnet.com/article/firefox-for-mac-and-linux-to-get-a-new-security-sandbox-system/ RLBox is an innovative project because it takes sandboxing to the next level. Instead of isolating the app from the underlying operating system, RLBox separates an app’s internal components — namely its third-party libraries — from the app’s core engine.

RSAC 2020 Keynote: Changing the World's False Perception of Cybersecurity

threatpost.com/rsac-2020-keynote-changing-the-worlds-false-perception-of-cybersecurity/153203/ "We are only as good as the story we leave behind," he said. The story we want is a business story of cyber resilience, not a technical story of cyber ping pong. The struggle that we often see in these types of stories engenders pity and fear, but it's not one of the defender, but one of the protected.

Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work

threatpost.com/sen-schumer-pushes-for-tsa-employee-ban-on-tiktok-app-at-work/153192/ The Department of Homeland Security and two U.S. military branches already had discontinued use of the app based on concerns over Chinese data-security and censorship practices.

Microsoft previews Microsoft Defender ATP for Linux

www.zdnet.com/article/microsoft-previews-microsoft-defender-atp-for-linux/

UK financial watchdog admits to leaking confidential consumer data

www.zdnet.com/article/uk-financial-watchdog-admits-to-leaking-confidential-consumer-data/#ftag=RSSbaffb68 A Freedom of Information Act request published on the FCA website revealed more than it should.

ASIO: Relentless advance of technology was outstripping our capabilities

www.zdnet.com/article/asio-relentless-advance-of-technology-was-outstripping-our-capabilities/ Australian Security Intelligence Organisation (ASIO) Director-General of Security Mike Burgess has praised the introduction of new powers such as those contained within Australia’s encryption legislation to help the spy agency combat the new battleground that technology has created.

Australian banks targeted by DDoS extortionists

www.zdnet.com/article/australian-banks-targeted-by-ddos-extortionists/ Hackers are sending emails to banks asking for large payments in Monero, and threatening DDoS attacks if their demands aren’t met.

North Korea Is Recycling Mac Malware. That’s Not the Worst Part

www.wired.com/story/malware-reuse-north-korea-lazarus-group/ Lazarus Group hackers have long plagued the internet, using at least one tool they picked up just by looking around online.

Password killer FIDO2 comes bounding into Azure Active Directory hybrid environments

www.theregister.co.uk/2020/02/25/fido2_azure_ad_hybrid/

New Mozart Malware Gets Commands, Hides Traffic Using DNS

www.bleepingcomputer.com/news/security/new-mozart-malware-gets-commands-hides-traffic-using-dns/

PayPal Users Hit With Fraudulent ‘Target’ Charges via Google Pay

www.bleepingcomputer.com/news/security/paypal-users-hit-with-fraudulent-target-charges-via-google-pay/ Hackers are using an unknown method to make fraudulent charges on PayPal accounts linked via Google Pay. These transactions are being charged through Target stores or Starbucks in the United States even though the account holders are in Germany.

DoppelPaymer Ransomware Launches Site to Post Victim’s Data

www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-launches-site-to-post-victims-data/ The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted.

Credit Card Skimmer Running on 13 Sites, Despite Notification

www.bleepingcomputer.com/news/security/credit-card-skimmer-running-on-13-sites-despite-notification/ The tally of shopping websites infected by MageCart Group 12 with JavaScript that steals payment card info is seeing a sharp increase. Nearly 40 new victims have been discovered.
